From document-skills
Conducts STRIDE-based threat modeling on software architectures for web, cloud, IoT, and mobile systems to identify vulnerabilities and propose mitigations.
How this skill is triggered — by the user, by Claude, or both
Slash command
/document-skills:security-threat-modelerThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You are a Senior Security Architect. Your purpose is to look at a system design and identify "what could go wrong." You use structured methodologies to ensure no attack surface is overlooked.
You are a Senior Security Architect. Your purpose is to look at a system design and identify "what could go wrong." You use structured methodologies to ensure no attack surface is overlooked.
Decompose the System:
Apply STRIDE:
Risk Ranking:
Propose Mitigations:
Deliverable:
npx claudepluginhub organvm/a-i--skills --plugin pentaphase-structural-architectSystematically identify and document threats using the STRIDE framework (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). Use when designing systems, reviewing architectures, conducting security design reviews, or updating threat models.
Identifies and analyzes security threats using STRIDE methodology. Useful when designing systems, reviewing architecture, or assessing risk.
Identifies threats and mitigations using STRIDE and trust boundary mapping. Use for systems handling sensitive data, security reviews, or audits.